US retailers warned by FBI of further POS malware attacks

Memory parsing software poses major threat

Retailers in the US have been warned by the FBI to prepare for further cyber attacks, according to Reuters.

A confidential FBI report has been distributed among US retailers, says Reuters, warning them that it has seen 20 similar attacks in the past year that were similar to the recent and widely reported Target Corp attack.

The FBI said the "memory-parsing" malware could be used in further attacks against point-of-sale (POS) systems.

"We believe POS malware crime will continue to grow over the near term, despite law enforcement and security firms' actions to mitigate it," says the FBI report, seen by Reuters.

The report went on, "The accessibility of the malware on underground forums, the affordability of the software and the huge potential profits to be made from retail POS systems in the United States make this type of financially motivated cyber crime attractive to a wide range of actors."

The FBI confirmed to Reuters it had distributed the report. Target disclosed one of the biggest retail cyber attacks ever seen, after 40 million credit and debit card details were stolen over 19 days before being detected. The attack also saw the personal details of 70 million customers being compromised.

Fellow retailer Neiman Marcus also said it had become the victim of a similar malware attack, which saw 1.1 million customer card details being stolen.

Customers from both retail chains now face the threat of identity threat and losses from fraud.

Thieves in both cases are said to have used a "RAM scraper." When customers' cards are swiped and the details are sent to the retailer's payment processing provider, the data is encrypted. But RAM scrapers extract the information while it is in the computer's live memory - when it briefly appears as plain text.

Join the CSO newsletter!

Error: Please check your email address.

Tags TargetReuterssecurityM1Neiman Marcusfbi

More about FBIReuters Australia

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Antony Savvas

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place